Download Security and privacy for storage and computation in cloud computing

Survey
yes no Was this document useful for you?
   Thank you for your participation!

* Your assessment is very important for improving the work of artificial intelligence, which forms the content of this project

page
1
page
2
page
3
page
4
page
5
page
6
page
7
page
8
page
9
page
10
page
11
page
12
page
13
page
14
page
15
page
16
page
17
page
18
page
19
page
20
page
21
page
22
Document related concepts
no text concepts found
Transcript 
SECURITY AND PRIVACY FOR STORAGE
AND COMPUTATION IN CLOUD COMPUTING
Lifei Wei, Haojin Zhu, Zhenfu Cao, Xiaolei Dong,
Weiwei Jia, Yunlu Chen, Athanasios V. Vasilakos
Presented By:
Srinivas Balivada
OUTLINE:
1) Introduction
2) Problem Formulation
3) Basic SecCloud Platform
4) Advanced Protocol with Batch Verification
5) Security Analysis
6) Performance Analysis
7) Conclusions
INTRODUCTION:

Cloud Computing
Cloud computing is a new computing paradigm that aims to
provide reliable, customized and quality of service guaranteed
computation environments for cloud users.

Benefits of Cloud Computing





Flexible way to obtain computation and storage resources on
demand.
Avoids potentially large up-front investment.
Reduce operational costs through economies of scale by the help
of Pay as you go scheme.
Managements of physical data and machines are delegated to the
Cloud Service Providers
Optimum Utilization of commonly shared computation resources.
INTRODUCTION (CONTD.):
Cloud Computing Security: Can be classified into two major classes
:

Cloud Storage Security:

Cloud Computation Security:

Concerns in Cloud Computing Security:
INTRODUCTION (CONTD.):

Approaches to Cloud Computation Security:
Prevent the cloud users from incurring expensive verification costs
by introducing a trusted auditor who conducts cloud auditing on
behalf of the users.
 To achieve secure computing auditing in cloud, one straightforward
method is to double-check each result.
 The cloud providers may give the inputs and overall computing
result to the auditor, which will follow an identical procedure to
compute the result and then compare it with the one provided by
the cloud providers.
However, these schemes may lead to a wastage of time and
computation resources.

PROBLEM FORMULATION:

System architecture of cloud computing:
PROBLEM FORMULATION(CONTD.):

Adversarial Model:
An Adversary A could corrupt a small set of cloud servers and control
these servers to launch various cheating attacks. The various attacks are:
 Storage Cheating Attack Model:

Computation Cheating Attack Model:
.
Privacy Cheating Attack Model:

Privacy-cheating discouragement:

PROBLEM FORMULATION(CONTD.):
Design Goals:
The proposed protocol is expected to achieve the following security
and performance goals:
 Data Storage Security:
 Data Computation Security:
 Privacy Cheating Discouragement:
 Efficiency:


It relies on Identity based cryptography and consists of four phases :




System Initialization
Secure Cloud Storage
Secure Cloud Computation
Computation Result Auditing
BASIC SECCLOUD PROTOCOL(CONTD.):


System Initialization:

System Setup Step:

User Registration Step
Secure Cloud Storage:

Storage Space Applying Step:

Data Signing Step:
BASIC SECCLOUD PROTOCOL(CONTD.):

Secure Cloud Storage:
• Data Encapsulation Step
•

Data Receiving Step
Secure Cloud Computation:
The protocol is based on a commitment scheme using Merkle hash
tree and has 2 steps:

Computation Request Step:

Commitment Generation Step:
BASIC SECCLOUD PROTOCOL(CONTD.):

Computation Result Auditing:
 CU sends {F,P,Y,R, SigCS(R)} as well as a warrant include the
identity of the delegate right and the expired time to VA for
auditing.
 VA not only checks if the data has been appropriately stored at
the cloud server but also ensures if the computation process
has been performed correctly.
 Auditing Challenge Step:
 Auditing Response Step:
BASIC SECCLOUD PROTOCOL(CONTD.):

Computation Result Auditing:
ADVANCED PROTOCOL WITH BATCH
VERIFICATION:





The authors introduce an advanced protocol to further reduce the
computational and communication overhead comes from
verification of the signatures.
The idea comes from aggregate signatures with batch verification.
The scheme can achieve almost constant computation overhead
for VA in the data verification as well as CSP.
VA can concurrently handle multiple verification requests from
various clouds.
Given n unauthenticated signatures, in such batch verification, the
major computational cost is bounded by 2 pairings while it costs 2n
pairings by individual verification, which is a significant
improvement on computational efficiency.
SECURITY ANALYSIS:

Uncheatability Analysis:
SECURITY ANALYSIS(CONTD.):

Privacy Discouragement Analysis:

Optimal Sample Size to Minimize Total Cost:

Cryptographic Overhead Evaluation:
PERFORMANCE ANALYSIS:

The performance of SecCloud is evaluated in two aspects:
Cryptographic Overhead Evaluation:


SecCloud protocol is much more efficient than the previous ones
since pairing times are constant.
Computational cost for different signature schemes which need to
handle a batch signatures with a size of n are described below:
PERFORMANCE ANALYSIS(CONTD.):

Experiment Environment:
 Traditional DFS:

SecHDFS:
PERFORMANCE ANALYSIS(CONTD.):

Experiment Environment(contd.):

Experiment Results(contd.):
Impact of Traffic Load II :
and in the client’s side, respectively.
PERFORMANCE ANALYSIS(CONTD.):

Experiment Environment:
 Experiment Results):
Overall Overhead Comparison:
Total uploading time comparison between the original protocol and SecCloud.
CONCLUSION:
 The
authors have proposed, SecCloud, a privacycheating discouragement and secure-computation
auditing protocol for data security in the cloud.
 It is the first work that jointly considers both of data
storage security and computation auditing security
in the cloud.
 The authors defined the concepts of uncheatable
cloud computation and privacy-cheating
discouragement and proposed SecCloud to achieve
the security goals.
CONCLUSION:
 To
improve the efficiency, different users’ requests can be concurrently
handled through the batch verification.
 By the extensive security analysis and performance simulation in the
developed SecHDFS, it is showed that protocol is effective and efficient
for achieving secure cloud computing without affecting the system
performance.
 Future Works :
 Consideration
some detailed computation such as linear program
computation and data mining and formalize these security models in the
cloud computing.
THANK YOU
Related documents
Water in the Air - Earth Science With Mrs. Locke
Water in the Air - Earth Science With Mrs. Locke
ASTR2050 Introduction to Astronomy and Astrophysics Studio lab April 1, 2005
ASTR2050 Introduction to Astronomy and Astrophysics Studio lab April 1, 2005
I am a tornado - Santee School District
I am a tornado - Santee School District
1 - OnCourse
1 - OnCourse
Operating System Research Worksheet
Operating System Research Worksheet
Meteorology Study Guide
Meteorology Study Guide
Clouds- Lesson 3
Clouds- Lesson 3
Why is the sky blue? - Pennsylvania Sea Grant
Why is the sky blue? - Pennsylvania Sea Grant
FinalExamSpring2005
FinalExamSpring2005
Formation of the Solar System
Formation of the Solar System
Solar System Formation - The Solar Nebula Theory
Solar System Formation - The Solar Nebula Theory
What is Matter? Anything that can be smelled, tasted, touched… Has
What is Matter? Anything that can be smelled, tasted, touched… Has